| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | "Drouvot, Bertrand" <bdrouvot(at)amazon(dot)com> |
| Cc: | Jacob Champion <jchampion(at)timescale(dot)com>, Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Joe Conway <mail(at)joeconway(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: SYSTEM_USER reserved word implementation |
| Date: | 2022-08-24 04:27:12 |
| Message-ID: | YwWooBzPlfzncJea@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Aug 17, 2022 at 04:48:42PM +0200, Drouvot, Bertrand wrote:
> That way one could test the SYSTEM_USER behavior without the need to have
> kerberos enabled.
I was looking at this patch and noticed that SYSTEM_USER returns a
"name", meaning that the value would be automatically truncated at 63
characters. We shouldn't imply that as authn_ids can be longer than
that, and this issue gets a bit worse once with the auth_method
appended to the string.
+if (!$use_unix_sockets)
+{
+ plan skip_all =>
+ "authentication tests cannot run without Unix-domain sockets";
+}
Are you sure that !$use_unix_sockets is safe here? Could we have
platforms where we use our port's getpeereid() with $use_unix_sockets
works? That would cause the test to fail with ENOSYS. Hmm. Without
being able to rely on HAVE_GETPEEREID, we could check for the error
generated when the fallback implementation does not work, and skip the
rest of the test.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2022-08-24 04:32:53 | Re: ecpg assertion on windows |
| Previous Message | Andres Freund | 2022-08-24 04:26:47 | Re: ecpg assertion on windows |